Monday, April 4, 2022

Just some basic breachers

from here and here

I suppose one of you will have to change.

It seems a little bit weird for state backed attackers to treat a zero-day like a commodity bit of code. Usually you expect to hear about them used in a high-value targeted attack, not sprayed by multiple threat groups at the same time. Did each of those groups know the other was also using the same exploit? Were they coordinating their efforts or just racing to get their attacks out the door before the other had a chance burn the exploit in a noisy attack?